UI5 and xRoute: http 403 "CORS not allowed"
Posted: Mon Oct 15, 2018 9:32 am
Hi all,
just wanted to share some Information with you.
Setting:
We built an UI5 app which gets data from both a SAP backend (via NW Gateway) and for map tiles and routing data, calls an on premise xRoute Service which is running on a dedicated machine.
Problem description:
During implementation, we worked with the PTV Cloud Services for testing purpose, and everything worked fine. However, after changing the URL for xRoute from Cloud to our local machine, the app did not work anymore. We got a http error 403 "CORS not allowed", although the Server was reachable and CORS is activated per Default in xRoute.
Reason:
The UI5 apps is running on the SAP application Server (e.g. mysapserver.com/sap/bc/ui5_ui5/sap/zui5_app/index.html). When trying to call PTV xRoute Service, it tries to connect to a different URL (in our case: 10.x.x.x IP), which is blocked in UI5 context. The application must allow CORS (cross origin resource sharing).
Solution:
SAP UI5 defines some http headers which must be supported by the application to get CORS worked. In our case, header "authorization" was missing.
We added it in xroute/webapps/xroute/WEB-IN/web.xml. Now it works fine
just wanted to share some Information with you.
Setting:
We built an UI5 app which gets data from both a SAP backend (via NW Gateway) and for map tiles and routing data, calls an on premise xRoute Service which is running on a dedicated machine.
Problem description:
During implementation, we worked with the PTV Cloud Services for testing purpose, and everything worked fine. However, after changing the URL for xRoute from Cloud to our local machine, the app did not work anymore. We got a http error 403 "CORS not allowed", although the Server was reachable and CORS is activated per Default in xRoute.
Reason:
The UI5 apps is running on the SAP application Server (e.g. mysapserver.com/sap/bc/ui5_ui5/sap/zui5_app/index.html). When trying to call PTV xRoute Service, it tries to connect to a different URL (in our case: 10.x.x.x IP), which is blocked in UI5 context. The application must allow CORS (cross origin resource sharing).
Solution:
SAP UI5 defines some http headers which must be supported by the application to get CORS worked. In our case, header "authorization" was missing.
We added it in xroute/webapps/xroute/WEB-IN/web.xml. Now it works fine